Skip to content

Commit cb4e7b2

Browse files
corherecorhere
committed
libnetwork/d/overlay: make setupEncryption a method
The setupEncryption and removeEncryption functions take several parameters, but all call sites pass the same values for all the parameters aside from remoteIP: values taken from fields of the driver struct. Refactor these functions to be methods of the driver struct and drop the redundant parameters. Signed-off-by: Cory Snider <[email protected]>
1 parent 0d89325 commit cb4e7b2

1 file changed

Lines changed: 15 additions & 15 deletions

File tree

libnetwork/drivers/overlay/encryption.go

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -129,8 +129,6 @@ func (d *driver) checkEncryption(nid string, rIP netip.Addr, add bool) error {
129129
return types.ForbiddenErrorf("encryption key is not present")
130130
}
131131

132-
lIP := d.bindAddress
133-
aIP := d.advertiseAddress
134132
nodes := map[netip.Addr]struct{}{}
135133

136134
switch {
@@ -153,14 +151,14 @@ func (d *driver) checkEncryption(nid string, rIP netip.Addr, add bool) error {
153151

154152
if add {
155153
for rIP := range nodes {
156-
if err := setupEncryption(lIP, aIP, rIP, d.secMap, d.keys); err != nil {
157-
log.G(context.TODO()).Warnf("Failed to program network encryption between %s and %s: %v", lIP, rIP, err)
154+
if err := d.setupEncryption(rIP); err != nil {
155+
log.G(context.TODO()).Warnf("Failed to program network encryption to remote peer %s: %v", rIP, err)
158156
}
159157
}
160158
} else {
161159
if rIP.IsValid() && len(nodes) == 0 {
162-
if err := removeEncryption(lIP, rIP, d.secMap); err != nil {
163-
log.G(context.TODO()).Warnf("Failed to remove network encryption between %s and %s: %v", lIP, rIP, err)
160+
if err := d.removeEncryption(rIP); err != nil {
161+
log.G(context.TODO()).Warnf("Failed to remove network encryption to remote peer %s: %v", rIP, err)
164162
}
165163
}
166164
}
@@ -170,7 +168,9 @@ func (d *driver) checkEncryption(nid string, rIP netip.Addr, add bool) error {
170168

171169
// setupEncryption programs the encryption parameters for secure communication
172170
// between the local node and a remote node.
173-
func setupEncryption(localIP, advIP, remoteIP netip.Addr, em *encrMap, keys []*key) error {
171+
func (d *driver) setupEncryption(remoteIP netip.Addr) error {
172+
localIP, advIP := d.bindAddress, d.advertiseAddress
173+
keys := d.keys // FIXME: data race
174174
log.G(context.TODO()).Debugf("Programming encryption between %s and %s", localIP, remoteIP)
175175

176176
indices := make([]*spi, 0, len(keys))
@@ -195,17 +195,17 @@ func setupEncryption(localIP, advIP, remoteIP netip.Addr, em *encrMap, keys []*k
195195
}
196196
}
197197

198-
em.Lock()
199-
em.nodes[remoteIP] = indices
200-
em.Unlock()
198+
d.secMap.Lock()
199+
d.secMap.nodes[remoteIP] = indices
200+
d.secMap.Unlock()
201201

202202
return nil
203203
}
204204

205-
func removeEncryption(localIP, remoteIP netip.Addr, em *encrMap) error {
206-
em.Lock()
207-
indices, ok := em.nodes[remoteIP]
208-
em.Unlock()
205+
func (d *driver) removeEncryption(remoteIP netip.Addr) error {
206+
d.secMap.Lock()
207+
indices, ok := d.secMap.nodes[remoteIP]
208+
d.secMap.Unlock()
209209
if !ok {
210210
return nil
211211
}
@@ -214,7 +214,7 @@ func removeEncryption(localIP, remoteIP netip.Addr, em *encrMap) error {
214214
if i == 0 {
215215
dir = bidir
216216
}
217-
fSA, rSA, err := programSA(localIP.AsSlice(), remoteIP.AsSlice(), idxs, nil, dir, false)
217+
fSA, rSA, err := programSA(d.bindAddress.AsSlice(), remoteIP.AsSlice(), idxs, nil, dir, false)
218218
if err != nil {
219219
log.G(context.TODO()).Warn(err)
220220
}

0 commit comments

Comments
 (0)